Cisco 350-018 Online Practice Questions and Exam Preparation

Cisco 350-018 Online Questions & Answers

• Question 731:

  What does the SXP protocol exchange between peers?

  A. IP to SGT binding information
  B. MAC to SGT binding information
  C. ingress port to SGT binding information
  D. ingress switch to SGT binding information
  A. IP to SGT binding information

• Question 732:

  Which three statements about Cisco Secure Desktop are true? (Choose three)

  A. It is interpretable with Clientless SSL VPN, AnyConnect, and the IPSec VPN client.
  B. Its supports shared network folder
  C. It validate PKI certificates
  D. It supports multiple prelogin checks, including IP address, certificate and OS
  E. It supports unlimited CSD locations.
  F. It can be pre-installed to reduce download time.
  B. Its supports shared network folder
  C. It validate PKI certificates
  E. It supports unlimited CSD locations.

• Question 733:

  Refer to the exhibit.

  

  Client1 has an IPsec VPN tunnel established to a Cisco ASA adaptive security appliance in Chicago. The remote access VPN client wants to access www.cisco.com, but split tunneling is disabled. Which of these is the appropriate configuration on the Cisco ASA adaptive security appliance if the VPN client's public IP address is 209.165.201.10 and it is assigned a private address from 192.168.1.0/24?

  A. same-security-traffic permit intra-interface ip local pool ippool 192.168.1.1-192.168.1.254 global (outside) 1 209.165.200.230 nat (inside) 1 192.168.1.0 255.255.255.0
  B. same-security-traffic permit intra-interface ip local pool ippool 192.168.1.1-192.168.1.254 global (outside) 1 209.165.200.230 nat (outside) 1 192.168.1.0 255.255.255.0
  C. same-security-traffic permit intra-interface ip local pool ippool 192.168.1.1-192.168.1.254 global (inside) 1 209.165.200.230 nat (inside) 1 192.168.1.0 255.255.255.0
  D. same-security-traffic permit intra-interface ip local pool ippool 192.168.1.1-192.168.1.254 global (outside) 1 209.165.200.230 nat (outside) 1 209.165.201.10 255.255.255.255
  E. same-security-traffic permit intra-interface ip local pool ippool 192.168.1.1-192.168.1.254 global (outside) 1 209.165.200.230 nat (inside) 1 209.165.201.10 255.255.255.255
  F. same-security-traffic permit intra-interface ip local pool ippool 192.168.1.1-192.168.1.254 global (inside) 1 209.165.200.230 nat (inside) 1 209.165.201.10 255.255.255.255
  B. same-security-traffic permit intra-interface ip local pool ippool 192.168.1.1-192.168.1.254 global (outside) 1 209.165.200.230 nat (outside) 1 192.168.1.0 255.255.255.0

• Question 734:

  A frame relay PVC at router HQ has a CIR of 768 kb/s and the frame relay PVC at router branch office has a CIR of 384 kb/s. Which QoS mechanism can best be used to ease the data congestion and data loss due to the CIR speed mismatch?

  A. traffic policing at the HQ
  B. traffic policing at the branch office
  C. traffic shaping at the HQ
  D. traffic shaping at the branch office
  E. LLQ at the HQ
  F. LLQ at the branch office
  C. traffic shaping at the HQ

• Question 735:

  Which two statements describe GRE? (Choose two.)

  A. GRE acts as passenger protocol for a Layer 3 transport protocol.
  B. GRE acts as a tunneling protocol and encapsulates other protocols.
  C. GRE provides data confidentiality.
  D. Packet MTU must be adjusted to accommodate GRE overhead.
  E. GRE does not allow multicast to be sent across the tunnel.
  F. The GRE tunnel interface remains down until it can see the remote tunnel end.
  B. GRE acts as a tunneling protocol and encapsulates other protocols.
  D. Packet MTU must be adjusted to accommodate GRE overhead.

• Question 736:

  Refer to the exhibit of an ISAKMP debug.

  

  Which message of the exchange is failing?

  A. main mode 1
  B. main mode 3
  C. aggressive mode 1
  D. main mode 5
  E. aggressive mode 2
  B. main mode 3

• Question 737:

  Which three object tracking options are supported by Cisco IOS policy-based routing? (Choose three.)

  A. absence of an entry in the routing table
  B. existence of a CDP neighbor relationship
  C. existence of an entry in the routing table
  D. results of an SAA operation
  E. state of the line protocol of an interface
  C. existence of an entry in the routing table
  D. results of an SAA operation
  E. state of the line protocol of an interface

• Question 738:

  You run the show ipv6 port-map telnet command and you see that the port 23 (system- defined) message and the port 223 (user-defined) message are displayed. Which command is in the router configuration?

  A. ipv6 port-map port telnet 223
  B. ipv6 port-map port 23 port 23223
  C. ipv6 port-map telnet port 23 233
  D. ipv6 port-map telnet port 223
  D. ipv6 port-map telnet port 223

• Question 739:

  Which two statement about the DNS are true? (Choose two.)

  A. The client-server architecture is based on query and response messages.
  B. Query and response messages have different format.
  C. In the DNS message header, the QR flag set to 1 indicates a query.
  D. In the DNS header, an Opcode value of 2 represents a client status request.
  E. In the DNS header, the Rcode value is set to 0 in Query message.
  A. The client-server architecture is based on query and response messages.
  D. In the DNS header, an Opcode value of 2 represents a client status request.

• Question 740:

  What is Cisco CKM (Centralized Key Management) used for?

  A. to allow an access point to act as a TACACS server to authenticate the client
  B. to avoid configuring PSKs (Pre-Shared Key) locally on network access devices and to configure a PSK once on a RADIUS server
  C. to provide switch port security
  D. to allow authenticated client devices to roam from one access point to another without any perceptible delay during re-association
  D. to allow authenticated client devices to roam from one access point to another without any perceptible delay during re-association